[j-nsp] Build a GRE tunnel on VRRP routers
Hi, I would like to configure a GRE tunnel between two couples of VRRP redundant routers , The problem is that, I can't Use the Virtual IP to build on the tunnel. How can I build my GRE in this case, to detect faillure and interact with the VRRP mecanism. O __O VRRP *GRE*__VRRP O O ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] prefix-list: ios 2 junos
Ever had to translate 38000 lines of prefix-lists from ios to junos
I had, and so I wrote this little bash script that does it for you.
Still very basic so it does only permit form and no 'ge' nor 'le'; only
plain form.
Takes from stdin the ios prefix-list as in running-config and spits out
the junos form.
You can pipe to it the entire running-config as it filters by itself the
prefix-lists and discards the rest.
HTH,
Bit.
~~~
#!/bin/bash
# Developed by TosoSoft 2009
while read W1 W2 PL_NAME W3 W4 W5 PREFIX; do
PL_NAME=`echo $PL_NAME | tr 'a-z' 'A-Z'`
echo $PREFIX | grep -q e
GOOD=$?
if [[ $W5 = permit ]] [[ $GOOD = 1 ]]
then
if [[ $PL_NAME != $PL_PREVIOUS_NAME ]]
then
if [ -n $PL_PREVIOUS_NAME ]
then
echo \}
fi
echo $W2 $PL_NAME '{'
echo $PREFIX\;
else
echo $PREFIX\;
fi
PL_PREVIOUS_NAME=$PL_NAME
fi
done
echo \}
Example
$ echo 'ip prefix-list bit-gossip seq 5 permit 1.1.1.0/24'\
| ./prefixlist-2j.sh
prefix-list BIT-GOSSIP {
1.1.1.0/24;
}
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Build a GRE tunnel on VRRP routers
Fatiha HOUACINE wrote: Hi, I would like to configure a GRE tunnel between two couples of VRRP redundant routers , The problem is that, I can't Use the Virtual IP to build on the tunnel. How can I build my GRE in this case, to detect faillure and interact with the VRRP mecanism. O __O VRRP *GRE*__VRRP O O I don't think you can use the vrrp ips as tunnel endpoints but you could setup two tunnels and use OSPF for failover. Just make sure you have static routes for the tunnel endpoints so the ospf learned routes don't take down the tunnels :) - Kevin ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Build a GRE tunnel on VRRP routers
I second the previous email but add that you should make sure you enable GRE keepalives for quick resolution of downed tunnel status. Regards, On 2/22/09, Kevin Loch kl...@kl.net wrote: Fatiha HOUACINE wrote: Hi, I would like to configure a GRE tunnel between two couples of VRRP redundant routers , The problem is that, I can't Use the Virtual IP to build on the tunnel. How can I build my GRE in this case, to detect faillure and interact with the VRRP mecanism. O __O VRRP *GRE*__VRRP O O I don't think you can use the vrrp ips as tunnel endpoints but you could setup two tunnels and use OSPF for failover. Just make sure you have static routes for the tunnel endpoints so the ospf learned routes don't take down the tunnels :) - Kevin ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp -- Sent from Gmail for mobile | mobile.google.com Stefan Fouant Windows XP crashed. I am the Blue Screen of Death. No one hears your screams. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Build a GRE tunnel on VRRP routers
VRRP was designed really for having two routers on a LAN and providing default gateway redundancy for hosts on the LAN. You should not mix your GRE tunnels with VRRP. Just build two tunnels and use a routing protocol over them for redundancy. Fatiha HOUACINE wrote: Hi, I would like to configure a GRE tunnel between two couples of VRRP redundant routers , The problem is that, I can't Use the Virtual IP to build on the tunnel. How can I build my GRE in this case, to detect faillure and interact with the VRRP mecanism. O __O VRRP *GRE*__VRRP O O ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp No virus found in this incoming message. Checked by AVG - www.avg.com Version: 8.0.237 / Virus Database: 270.11.2/1965 - Release Date: 02/21/09 15:36:00 ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Build a GRE tunnel on VRRP routers
GRE keepalives are not supported. You'd need to use some dynamic protocol , OSPF for instance, and build GRE tunnels based on the dynamically learned addresses (loopback for instance), if you want to achieve some sort of dynamic GRE tunnel. On 2/23/09 12:52 AM, Stefan Fouant wrote: I second the previous email but add that you should make sure you enable GRE keepalives for quick resolution of downed tunnel status. Regards, On 2/22/09, Kevin Lochkl...@kl.net wrote: Fatiha HOUACINE wrote: Hi, I would like to configure a GRE tunnel between two couples of VRRP redundant routers , The problem is that, I can't Use the Virtual IP to build on the tunnel. How can I build my GRE in this case, to detect faillure and interact with the VRRP mecanism. O __O VRRP *GRE*__VRRP O O I don't think you can use the vrrp ips as tunnel endpoints but you could setup two tunnels and use OSPF for failover. Just make sure you have static routes for the tunnel endpoints so the ospf learned routes don't take down the tunnels :) - Kevin ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] Fwd: snmp oid for polling DCU
Guys ,
I m getting the DCU values and traffic bytes from the OID
.1.3.6.1.4.1.2636.3.6 .
but in cisco there we poll the traffic via a common 4 dight no. which we
get by running the OID values .
below is the output taken from juniper router where i applied DCU for one
of the customer
my snmp team is asking the values which need to be pool , and PLOT via SNMP
server
so that we get the proper traffic pattern view via SNMP .
{master}
17347...@mum-isp-aggr-rtr- show snmp mib walk .1.3.6.1.4.1.2636.3.6
jnxDCUSrcIfIndex.159.100.101.102.97.117.108.116.95.99.108.97.115.115.0.0.0.0.0.0.0.0.0.0.0.0
= 159
jnxDCUSrcIfIndex.159.100.101.115.116.95.99.108.97.115.115.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0
= 159
jnxDCUDstClassName.159.100.101.102.97.117.108.116.95.99.108.97.115.115.0.0.0.0.0.0.0.0.0.0.0.0
= default_class
jnxDCUDstClassName.159.100.101.115.116.95.99.108.97.115.115.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0
= dest_class
jnxDCUPackets.159.100.101.102.97.117.108.116.95.99.108.97.115.115.0.0.0.0.0.0.0.0.0.0.0.0
= 615392244
jnxDCUPackets.159.100.101.115.116.95.99.108.97.115.115.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0
= 21986324
jnxDCUBytes.159.100.101.102.97.117.108.116.95.99.108.97.115.115.0.0.0.0.0.0.0.0.0.0.0.0
= 166312660826
jnxDCUBytes.159.100.101.115.116.95.99.108.97.115.115.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0
= 8027259994
jnxDcuStatsPackets.159.1.10.100.101.115.116.95.99.108.97.115.115 = 21986324
jnxDcuStatsPackets.159.1.13.100.101.102.97.117.108.116.95.99.108.97.115.115
= 615392572
jnxDcuStatsBytes.159.1.10.100.101.115.116.95.99.108.97.115.115 = 8027259994
jnxDcuStatsBytes.159.1.13.100.101.102.97.117.108.116.95.99.108.97.115.115 =
166312728017
jnxDcuStatsClName.159.1.10.100.101.115.116.95.99.108.97.115.115 = dest_class
jnxDcuStatsClName.159.1.13.100.101.102.97.117.108.116.95.99.108.97.115.115 =
default_class
Regards,
-- Forwarded message --
From: Masood Ahmad Shah mas...@nexlinx.net.pk
Date: Feb 16, 2009 11:16 PM
Subject: RE: [j-nsp] snmp oid for polling DCU
To: shariq qamar shariq@gmail.com, juniper-nsp@puck.nether.net
This will take you on a snmp journey .
ja...@r1# run show snmp mib walk 1
Regards,
Masood
-Original Message-
From: juniper-nsp-boun...@puck.nether.net
[mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of shariq qamar
Sent: Monday, February 16, 2009 6:46 PM
To: juniper-nsp@puck.nether.net
Subject: [j-nsp] snmp oid for polling DCU
Dear Techies ,
I m done with QPPB configuration on my Juniper M320 box junos 8.5R3.4
and successfully able to get counters for the destination calss
i want to see the plot of counters via SNMP server .
will anybody explain me how to get OID's values in juniper .
what is the way to get OID's value for DCU so that same we poll via SNMP
server
--
Regards,
Shariq Qamar,
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
--
Regards,
Shariq Qamar,
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Output rate on E1 link
This is result from other router who has same output : show interfaces ls-1/2/0.1 Logical interface ls-1/2/0.1 (Index 91) (SNMP ifIndex 97) Description: BB_Agg_8xE1_to_RX_lsq-3/3/0.8 Flags: Point-To-Point SNMP-Traps 0x4000 Encapsulation: Multilink-PPP Last flapped: 2009-02-23 11:01:25 WIT (03:33:13 ago) Bandwidth: 16384kbps Bundle links information: Active bundle links 8 Removed bundle links 0 Disabled bundle links 0 Statistics Framesfps Bytes bps Bundle: Multilink: Input : 37955627650 18420 3454538483560 13517576 Output: 36941486770 23508 3514060473641 18069664 Network: Input : 37954155730 18087 3304566504633 12725768 Output: 3694320 23396 3213335870332 16524280 Link: e1-0/0/1.0 Up time: 03:33:13 Input : 10828202 2287 984770374 1685432 Output: 20432219 25171913871173 1892688 e1-0/0/2.0 Up time: 03:33:13 Input : 10761329 2267 986877230 1687032 Output: 16833112 29371644943771 2273376 e1-0/0/3.0 Up time: 03:33:13 Input : 10747185 2328 990978029 1686040 Output: 17599485 32811656932827 2445384 and so on show interfaces queue ls-1/2/0.1 Logical interface ls-1/2/0.1 (Index 91) (SNMP ifIndex 97) Description: BB_Agg_8xE1_to_RX_lsq-3/3/0.8 Flags: Point-To-Point SNMP-Traps 0x4000 Encapsulation: Multilink-PPP Last flapped: 2009-02-23 11:01:25 WIT (03:35:47 ago) Bandwidth: 16384kbps Bundle links information: Active bundle links 8 Removed bundle links 0 Disabled bundle links 0 Statistics Framesfps Bytes bps Bundle: Multilink: Input : 37957530253639 3454712607866 449336 Output: 36945073791 23449 3514404765413 18001840 Network: Input : 37956021143633 3304730116997 403944 Output: 36946801675 23413 3213649914738 16539864 Link: e1-0/0/1.0 Up time: 03:35:47 Input : 11065710101100646267665792 Output: 20923224 35151959916989 2624824 e1-0/0/2.0 Up time: 03:35:47 Input : 10998310 50100855872738512 Output: 17270460 28271687553337 2213136 e1-0/0/3.0 Up time: 03:35:47 Input : 10986407 53101278075541976 Output: 18059383 29171699602106 2164528 e1-0/0/4.0 Up time: 03:35:47 Input : 11131064101101276248467576 Output: 17773026 28341702686069 2210880 and so on Seems both enqueued traffic and transmitted traffic has no big difference, and on each partial E1 has over 2Mbps traffic. Thanks, Faizal On Sat, Feb 21, 2009 at 11:37 PM, Nilesh Khambal nkham...@juniper.netwrote: Can you do show interface queue ls-1/2/0.3? Enqueued traffic for the bundle can be more than the actual transmitted traffic. Transmitted traffic should rate-limited at 8xE1 bandwidth. Thanks, Nilesh. On Feb 21, 2009, at 7:21 AM, Faizal Rachman faizal...@gmail.com wrote: Actually it is on bundled E1 as shown below : amnes...@ra show interfaces ls-1/2/0.3 Logical interface ls-1/2/0.3 (Index 88) (SNMP ifIndex 196) Description: BB_Agg_8x_E1_to_RB-1_lsq-3/3/0.11 Flags: Point-To-Point SNMP-Traps 0x4000 Encapsulation: Multilink-PPP Last flapped: 2009-02-20 06:52:22 WIT (03:42:35 ago) Bandwidth: 16384kbps Bundle links information: Active bundle links 8 Removed bundle links 0 Disabled bundle links 0 Statistics Framesfps Bytes bps Bundle: Multilink: Input : 736131100 21096 64681718106 14682112 Output: 888105552 30039 82320671247 22017840 Network: Input : 736092880 21014 62131440103 14111328 Output: 888178093 29965 72967169475 19091368 Look that this link is consist of 8x E1 bundled but output rate was reach more than 2x8Mbps. Any explanation really appreciate :) BR, Faizal On Sat, Feb 21, 2009 at 10:09 PM, Stefan Fouant sfou...@gmail.com wrote: Can you copy your output from 'show interface e1-x/x/x'? On 2/21/09, Faizal Rachman faizal...@gmail.com wrote: Dear All, I just want to make sure about output shown in show interface command, is it possible that output rate counter surpass maximum limit of its interface limitation? Example: output rate in 1xE1 link shown almost 3Mbps rate. Need advice :) Thank you. Faizal
